
Re: So, what steps do the normal folks take to secure themselves?



Basically that. I disable javascript due to security and convenience
issues.  I run everything as a normal user. I disable all processes that I
am not using. I use gpg to check packages and make sure the tarballs I
download have the right checksums. Just some basic stuff. I don't run
things I receive by email.

If you're a "normal" home linux user, you probably have an apache,
sendmail, or similar processes going. I make sure that these are patched
and with apache I follow the various directions from places like CERT
which tell me to delete the default files in data and cgi-bin and disable
modules that I don't need. I don't run sendmail myself; I use postfix.
This is because I don't understand the sendmail.cf and I like to know
what's going on.

Out of the ordinary, my firewall doesn't allow outgoing packets except on
ports that I specify. I have an implicit deny both in and out. It takes
longer to set up a policy this way, because you have to analyze your usage
with a portsniffer or by reading a lot of logs, but I think it's worth it.
Even if something in my internal network is compromised, nonstandard ports
aren't allowed out. This breaks a lot of spyware.

You'll probably want to keep updates on cd-r or something similar every
once in a while. I do it weekly due to heavy disk usage on almost all of my
machines. Keeping updates protects you from all sorts of disasters. You
might want to consider taking your updates to grandma's house every once in
a while for safe-keeping of your files in case of a fire, tornado, flood,
etc. If your data is as valuable to you as the rest of your information,
treat it as such.

bja

> About 5 years ago I was a 100% windows user and never knew that linux
> even existed. Now I rarely use windows and when I do, it is only to play
> a few games that need windows.
>
> So my question is this, I run Mandrake 10.0 and have Shorewall up and
> running, blocking everything. What steps do I need to take in the linux
> world to protect myself from do-badders? I never log into root and I
> typically don't download and run/compile code from sites that are not
> well known. I also perform Mandrake Update regularly.
>
> In windows I am used to having my firewall up and my antivirus software
> always on the prowl and I used to run a full system sweep weekly. Is
> there antivirus software for linux out there that I can or should (more
> importantly) run? To be honest, I'm not sure I would know if I had a
> trojan if it came up and bit my kernel on the proverbial ass.
>
> Thanks,
> Ken Keefe
> Eternal Linux Student
>
>
>
> -
> To unsubscribe, send email to majordomo@silug.org with
> "unsubscribe silug-discuss" in the body.
>
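
The reply above describes building a default-deny outbound firewall policy by first reading logs to learn which ports are really in use. The following Python script is an added example, not part of the original post: it tallies outbound destination ports from constructed iptables-style LOG lines and proposes allow rules, leaving rarely seen ports for manual review. The use of iptables, the `OUT-AUDIT` log prefix, the sample addresses and the `min_hits` threshold are all assumptions.

```python
import re
from collections import Counter

# Constructed sample of kernel log lines from an iptables LOG rule on the
# OUTPUT chain; the "OUT-AUDIT" prefix and all addresses are made up.
SAMPLE_LOG = """\
Jun  1 10:00:01 box kernel: OUT-AUDIT IN= OUT=eth0 SRC=192.168.1.10 DST=198.51.100.7 PROTO=TCP SPT=40112 DPT=443
Jun  1 10:00:02 box kernel: OUT-AUDIT IN= OUT=eth0 SRC=192.168.1.10 DST=198.51.100.9 PROTO=TCP SPT=40113 DPT=443
Jun  1 10:00:05 box kernel: OUT-AUDIT IN= OUT=eth0 SRC=192.168.1.10 DST=192.0.2.53 PROTO=UDP SPT=53511 DPT=53
Jun  1 10:00:06 box kernel: OUT-AUDIT IN= OUT=eth0 SRC=192.168.1.10 DST=192.0.2.53 PROTO=UDP SPT=53512 DPT=53
Jun  1 10:03:40 box kernel: OUT-AUDIT IN= OUT=eth0 SRC=192.168.1.10 DST=203.0.113.66 PROTO=TCP SPT=40200 DPT=6667
Jun  1 10:04:00 box kernel: IN=eth0 OUT= SRC=203.0.113.5 DST=192.168.1.10 PROTO=TCP SPT=51000 DPT=22
Jun  1 10:05:00 box kernel: OUT-AUDIT IN= OUT=eth0 SRC=192.168.1.10 DST=198.51.100.7 PROTO=ICMP TYPE=8 CODE=0
"""

LINE = re.compile(r"\bIN=(\S*) OUT=(\S*) .*?\bPROTO=(TCP|UDP)\b.*?\bDPT=(\d+)")

def outbound_ports(log_text):
    """Count (proto, destination port) for locally generated outbound packets."""
    counts = Counter()
    for line in log_text.splitlines():
        m = LINE.search(line)
        # OUTPUT-chain packets have an empty IN= and a non-empty OUT= interface.
        if m and m.group(1) == "" and m.group(2):
            counts[(m.group(3).lower(), int(m.group(4)))] += 1
    return counts

def propose_policy(counts, min_hits=2):
    """Split observed ports into allow rules and ports needing manual review."""
    rules = ["iptables -A OUTPUT -o lo -j ACCEPT",
             "iptables -A OUTPUT -m state --state ESTABLISHED,RELATED -j ACCEPT"]
    review = []
    for (proto, port), hits in sorted(counts.items()):
        if hits >= min_hits:
            rules.append(f"iptables -A OUTPUT -p {proto} --dport {port} "
                         "-m state --state NEW -j ACCEPT")
        else:
            review.append((proto, port, hits))  # rare traffic: check before allowing
    rules.append("iptables -P OUTPUT DROP")  # set the deny policy last
    return rules, review

if __name__ == "__main__":
    rules, review = propose_policy(outbound_ports(SAMPLE_LOG))
    print("\n".join(rules))
    for proto, port, hits in review:
        print(f"# review before allowing: {proto}/{port} seen {hits}x")
```

Ports that land in the review list are the ones worth tracing back to a process before deciding whether they belong in the policy.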
